Configuring the Windows Azure Pack Tenant Site

  • Article

 

Applies To: Windows Azure Pack

Configuring the Windows Azure Pack management portal for tenants requires making changes to the Windows Azure Pack configuration database using information from Identity Server.

Tip

Before making changes to the Windows Azure Pack database, make a note of the current settings in case you need to revert to the previous identity provider.

To Configure the Windows Azure Pack Management Portal for Tenants

  1. Open the Identity Server website and select Application Integration.

  2. Note the WS-Federation url for use later.

  3. On the computer that Windows Azure Pack is deployed to update the SQL Server Authentication.IdentityProvider within the Tenant Namespace entry with values from Identity Server’s WS-Federation Metadata page. Authentication.IdentityProvider is located in the Microsoft.MgmtSvc.PortalConfigStore database, Config.Settings table. Before changing the entry will look similar to the follow:

    {
   "Realm":"http://azureservices/AuthSite",
   "Endpoint":"https://kataltest01:30071/wsfederation/issue",
   "Certificate":"[Certificate value]"
}

    WS-Federation Metadata is available from the Identity Server administrator webpage and will look similar to the following:

    Identity Server Metadata

    Use the three highlighted values to update Authentication.IdentityProvider with the following values:

    Authentication.Identity Provider

    WS-Federation Metadata Value

    Realm

    entityId

    Endpoint

    If only one endpoint, use wsa:Address (shown above). If there are multiple endpoints, use the WS-Federation HRD value obtained earlier.

    Certificate

    X509Certificate

  4. Login in to the Windows Azure Pack management portal for tenants to see the new identity providers. When you sign in for first time you might be asked to verify your identity by the Identity Provider (depending on their security rules and policies). You may also be asked if you would like to share your information. Once the sign in process is completed, you will be returned to the management portal for tenants.

    Identity Server Login

See Also

Windows Azure Pack Third Party Identity Providers